VDR Enhancements

[Scanteianu]

see comments

[Scanteianu]

add new source for cves - reference original ojvg page

[Scanteianu]

use credentials when querying NIST to prevent throttling

[Scanteianu]

translate version number into URI for temurin release

[Scanteianu]

figure out why affects only works some of the time

[Scanteianu]

add rating from ojvg as well

[Scanteianu]

see if versions can take a range - use semantic versioning - anything affecting major.minor is assumed to also impact all earlier versions of that major version

[Scanteianu]

@netomi thinks we might be able to use https://hub.docker.com/r/owasp/dependency-check to avoid having to download from NVD entirely

here is an example how it could be used from an action: https://github.com/dependency-check/DependencyCheck_Builder

[netomi]

actually the correct image should be https://hub.docker.com/r/owasp/dependency-check-action that is updated daily with the latest CVE data.

[Scanteianu]

see if versions can take a range - use semantic versioning - anything affecting major.minor is assumed to also impact all earlier versions of that major version

converted this to a new issue. #50